diff options
author | wangmy <wangmy@fujitsu.com> | 2022-05-30 14:40:47 +0800 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2022-06-06 05:32:51 -1000 |
commit | 190457be2ee24a99da3a6383233ccc4b76dd2b0c (patch) | |
tree | 915e53cd91fe82f1e3f8eddeadab53b7959ccc34 | |
parent | af7048c4b7daabc237b1b8f2982d67cb1fd88b4c (diff) | |
download | openembedded-core-contrib-190457be2ee24a99da3a6383233ccc4b76dd2b0c.tar.gz |
logrotate: upgrade 3.19.0 -> 3.20.1
Changelog:
=========
drop world-readable permission on state file even when ACLs are enabled (#446)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
fix a misleading debug message with copytruncate and rotate 0 (#443)
add support for unsigned time_t (#438)
do not lock state file /dev/null (#433)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 391fdcf742c4669c1c4654f9b022b3d277aa0038)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r-- | meta/recipes-extended/logrotate/logrotate_3.20.1.bb (renamed from meta/recipes-extended/logrotate/logrotate_3.19.0.bb) | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-extended/logrotate/logrotate_3.19.0.bb b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb index 2a60d9b31f..35977535aa 100644 --- a/meta/recipes-extended/logrotate/logrotate_3.19.0.bb +++ b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb @@ -15,7 +15,7 @@ UPSTREAM_CHECK_REGEX = "logrotate-(?P<pver>\d+(\.\d+)+).tar" SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz" -SRC_URI[sha256sum] = "ddd5274d684c5c99ca724e8069329f343ebe376e07493d537d9effdc501214ba" +SRC_URI[sha256sum] = "742f6d6e18eceffa49a4bacd933686d3e42931cfccfb694d7f6369b704e5d094" # These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used CVE_CHECK_IGNORE += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550" |